Blockchain

Tag Archive

Computer scientist Ronald Rivest has said that blockchain is not the right technology for voting, although it may find the right application in a number of other areas. Rivest gave his opinion at the RSA Security Conference, held earlier this week in San Francisco, technology-focused news outlet ITWire reported on Feb. 28. Rivest, a cryptography expert and professor at the Massachusetts Institute of Technology, called voting an interesting problem that requires a stricter approach than many existing security applications. He said:

“Blockchain is the wrong security technology for voting. I like to bring a combination lock to a kitchen fire or something. It is good for certain things in itself, but it is not good for voting.”

The debate over blockchain-based political voting re-emerged recently as Democratic US presidential hopeful Andrew Yang backs the technology to boost voter numbers and security, while a French researcher has hacked into the blockchain-based voting system which officials plan to use next month for the 2019 Moscow City Duma election. On his campaign website, Yang states that voting should be available via mobile devices with verification through blockchain. He argues that modernising voting with decentralised ledger technology could increase security, reduce inconsistent processes between states and restore confidence in democracy. Philip Boucher, a European Policy Research Service (EPRS) policy analyst, explains the theory behind blockchain voting: “In elections, we usually have a central authority that records, checks and counts all of the votes. With blockchain, the process is decentralised so everyone can hold a copy of the full voting record on their own devices. The data is encrypted to protect the identity of individual voters. Illegitimate votes cannot be added and the historical record cannot be changed because everyone holds a copy and can check that all of the votes comply with the rules and are counted properly.” Some have even suggested that in future, blockchain votes could be encoded into ‘smart contracts’ so that the results automatically take effect “like a self-implementing manifesto”. Several countries and local authorities have explored or experimented with the idea of digital voting.

Russia is looking forward to its September 2019 elections for representatives to the city parliament (the Moscow City Duma). For the first time ever, Russia will use Internet voting in its elections. The internet-based system will use a blockchain developed in-house by the Moscow Department of Information Technology. Since the news broke, security experts have been quite skeptical about the overall applicability of blockchain to elections. Recently, French security researcher Pierrick Gaudry found a critical vulnerability in the encryption scheme used in the code of the voting system. The scheme used was ElGamal encryption, an asymmetric key encryption algorithm for public-key cryptography. Gaudry revealed that it can be broken in about 20 minutes using a standard personal computer and only free software that is publicly available. The main problem, Gaudry says, is in the choice of the three cyclic groups and their generators. The groups are multiplicative groups of finite fields of prime order, each of the primes being a Sophie Germain prime. The primes are all less than 256 bits long, and the 256×3 private key length is too small to guarantee strong security. Discrete logarithms in such a small setting can be computed in a matter of minutes, revealing the secret keys and making it easy to decrypt the encrypted data. Gaudry also showed that the implemented version of ElGamal worked in groups of even order, which means that it leaked a bit of the message. What an attacker can do with these encryption keys is currently unknown: the voting system’s protocols weren’t yet available in English, so Gaudry couldn’t investigate further.
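The even-order leak and the key-size problem described above can both be checked from public parameters alone. The following is an added example, not code from Gaudry's paper or the Moscow system: the toy safe prime 2879, the function names and the 2048-bit threshold in `audit_group` are assumptions of this sketch.

```python
import secrets

P = 2879              # constructed toy safe prime, P = 2*Q + 1 (far too small for real use)
Q = (P - 1) // 2      # 1439, prime

def legendre(a, p):
    """+1 if a is a quadratic residue mod p, -1 otherwise (a not divisible by p)."""
    return 1 if pow(a, (p - 1) // 2, p) == 1 else -1

def full_group_generator(p):
    """Smallest non-residue other than p-1; for a safe prime it generates all of Z_p^*."""
    return next(g for g in range(2, p - 1) if legendre(g, p) == -1)

G_WEAK = full_group_generator(P)   # order 2*Q (even), the flawed setting
G_SAFE = pow(G_WEAK, 2, P)         # order Q (prime): the subgroup of quadratic residues

def keygen(g, order):
    x = secrets.randbelow(order - 1) + 1
    return x, pow(g, x, P)

def encrypt(m, h, g, order):
    r = secrets.randbelow(order - 1) + 1
    return pow(g, r, P), (m * pow(h, r, P)) % P

def decrypt(c1, c2, x):
    return (c2 * pow(c1, P - 1 - x, P)) % P   # c1^(-x) via Fermat's little theorem

def encode_qr(m):
    """Map m in 1..Q to a quadratic residue; works because P % 4 == 3."""
    return m if legendre(m, P) == 1 else P - m

def decode_qr(v):
    return v if v <= Q else P - v

def observer_guess(c1, c2, h):
    """Legendre symbol of the plaintext, computed from public values only.

    With a non-residue generator, h^r is a residue iff x or r is even,
    which is visible in the Legendre symbols of h and c1.
    """
    mask = 1 if (legendre(h, P) == 1 or legendre(c1, P) == 1) else -1
    return legendre(c2, P) * mask

def audit_group(p, g, min_bits=2048):
    """Parameter checks a reviewer can run; min_bits is this example's assumption."""
    findings = []
    if p.bit_length() < min_bits:
        findings.append("modulus below %d bits" % min_bits)
    if legendre(g, p) == -1:
        findings.append("generator is a non-residue: ciphertexts leak one bit")
    return findings
```

With `G_WEAK`, `observer_guess` always equals the Legendre symbol of the plaintext; with `G_SAFE` and `encode_qr` it returns the constant 1 and so carries no information about the message.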

A recent research report by a French cryptographer demonstrates that a blockchain voting framework used in Moscow’s municipal elections is susceptible to hacking. Pierrick Gaudry, a researcher at the French government research establishment CNRS, examined the open code of the Ethereum-based e-voting platform in his paper. Gaudry inferred that the encryption scheme used by a portion of the code is “totally insecure.” The report, titled “Breaking the encryption scheme of the Moscow internet voting system,” examined the encryption scheme used in the open code of the Moscow city government’s Ethereum-based platform for e-voting. Gaudry concluded that the encryption scheme used by a portion of the code is entirely insecure, writing:

We will show in this note that the encryption scheme used in this part of the code is completely insecure. It can be broken in about 20 minutes using a standard personal computer and using only free software that is publicly available. More precisely, it is possible to compute the private keys from the public keys. Once these are known, any encrypted data can be decrypted as quickly as they are created.

Last year, West Virginia did something no other U.S. state had done in a federal election before: It allowed overseas voters the option to cast absentee ballots for the midterm election via a blockchain-enabled mobile app. According to Voatz, the company West Virginia worked with, 144 individuals from 31 countries successfully submitted ballots via the app for the November election. Before that, there was a smaller pilot of the system in two West Virginia counties that May. West Virginia billed the experiment as a success and says it plans to use the technology again in 2020. Voatz has already made deals with other local governments in the U.S., most recently for Denver’s May municipal election. But how secure and accurate was the 2018 vote? It’s impossible to tell because the state and the company aren’t sharing the basic information experts say is necessary to properly evaluate whether the blockchain voting pilot was actually a resounding success. With 2020 looming, that’s troubling, given what we now know about the extent of Russian incursions into our election systems in 2016.

It really gets old being a guinea pig. Not because of the cagey confines, but for the insistence of those who try their ideas out on you. Overseas and military voters continue to be the guinea pigs for unvetted online voting ideas, the new one being “blockchain voting”. We have been here before. Overseas and military voters do need continued meaningful reforms across all states, and it is good when people truly care enough to examine and invest in solutions. What we do not need is a distraction that introduces new threats to overseas and military ballot integrity. The cliché “disruption model” doesn’t belong in our elections. Particularly in light of Russia’s cyber-interference in elections in Ukraine in 2014 and the US in 2016, we should consider with extra caution the idea of putting the entire voting process online. Russia itself is pushing to use this same technology for voting. Maybe it is worth a deeper look at it before we rush to its implementation? Perhaps investment in a threat detection system, which most state election offices cannot yet afford, would, at minimum, be a wise first course of action. Typically election systems must undergo formal testing and certification. Public access and examination is crucial. With a fully online system, that requirement is far more serious. Internet voting is not the same sort of simple transaction as is online banking; it is far more complex due to the fact that there must be a separation of the transaction from the identity of the person executing it. Just because there is a “blockchain” for the transaction doesn’t make the total voting system secure. The bottom line: it should not be possible to implement these systems in real elections without full and complete public examination. It is not sufficient to declare a technology as “tested” when it is used only in private elections and by outside companies hired to do “security audits”.

Blockchain, the ingenious database technology best known for underpinning the faddish digital currency Bitcoin, is reviving the utopian fantasies of the early internet era. In an influential manifesto from that time, “A Declaration of the Independence of Cyberspace,” published in 1996, the essayist and activist John Perry Barlow opposed the idea of government regulation of the internet, offering instead an anarchical vision of an online world in which a decentralized network of people existed free from all authorities and intermediaries save for their own “social contract.” Whatever else Barlow’s statement might have been, it was not prophetic. The online world today is full of authorities and intermediaries — search engines, social media platforms, cloud computing services, internet service providers — all of which exert considerable control over cyberspace and are themselves shaped by laws and regulations. It is hard to imagine a cyberlibertarian paradise emerging from that.

South Korea plans to develop a blockchain voting system, with trials starting next month in the private sector. The Ministry of Science and ICT, and the National Election Commission (NEC) said they will develop a blockchain-based online voting system by December. The NEC ran an online voting system, dubbed K-voting, back in 2013, which has since been used by 5.64 million people but trust in the voting system remains low due to hacking and fraud concerns. The latest system to be developed will apply blockchain in voter authentication and result saving, which will increase transparency and security, the government said.

Now that we’re past Election Day, a certain sort of “silly season” has begun. I’m talking about folks coming up with big ideas on how to fix our outdated voting system. And one of the big ideas out there is using blockchain for voting. Let’s stop that conversation – now. The other day, the Twitter cryptoverse blew up after Alex Tapscott, co-founder of the Blockchain Research Institute, had his op-ed on the matter published in The New York Times. In it, Tapscott presents his case for using a blockchain to carry out online voting. He apparently believes such a process would be much more decentralized and safe from hacking. The only downside, he claims, is a potential delay in the voting process. Let me just tell you straight up: This is a terribly ill-considered idea, for a variety of reasons.

West Virginia residents living overseas have started casting their ballots for this November’s elections using a mobile app that runs on blockchain encryption, state officials announced Monday. The votes that have come in so far are the first general-election ballots in the state’s experiment with a new form of voting technology that has drawn scrutiny from election-security analysts. Overseas voters started using the app for the November elections last Friday. The state first used the app, called Voatz, in two of its 55 counties during the May 8 primary election as a potential solution for deployed members of the U.S. military and civilians living abroad to cast ballots back home. Following four different independent audits verifying the votes submitted over the app, Secretary of State Mac Warner offered it to the rest of the state ahead of the Nov. 6 general election.

The United States National Academies of Sciences (NASEM) released a report asserting that virtual voting systems ought to be shelved. The organization supports the use of paper ballots across the entire US electoral system by 2020. In the 156-page document, NASEM insists that virtual voting systems ought to be shelved until they can be verified to be secure. The report’s authors take the view that using the blockchain as an irreversible ballot box may appear promising, but that the technology may not be able to address the essential issues of the electoral process. The report is the conclusion of a study that lasted two years. The committee behind the research comprised election scholars, cybersecurity experts and social scientists. The report also advocates the use of human-readable paper ballots in the next US elections.

Blockchain technology is unsuitable for use in voting systems until they are verified as secure, a scientific report has warned. The study, from the US National Academies of Sciences, Engineering, and Medicine, concludes that internet-based voting systems are not ready for current use, although they “may seem promising” for use in the future. “Insecure internet voting is possible now, but the risks currently associated with internet voting are more significant than the benefits,” the report reads. “Secure internet voting will likely not be feasible in the near future.”

Several startup companies have recently begun to promote Internet voting systems, but with a new twist – using a blockchain as the container for voted ballots transmitted over the Internet from the voter’s private device. Blockchains are a relatively new system category a little akin to a distributed database. Proponents of blockchain voting promote it as a revolutionary innovation providing strong security guarantees that enable truly secure online elections. Unfortunately, these claims are false. Blockchains do not offer any real election security at all.

Internet voting has been studied by computer security researchers for over twenty years. Cyber security experts universally agree that no technology, including blockchains, can adequately secure an online public election. Elections have unique security and privacy requirements fundamentally different from and much more stringent than those in other applications, such as e-commerce. They are uniquely vulnerable because anyone on Earth can attack them, and a successful cyberattack might go completely undetected, resulting in the wrong people elected with no evidence that anything was amiss.

With the U.S. heading into a pivotal midterm election, little progress has been made on ensuring the integrity of voting systems—a concern that retook the spotlight when the 2016 presidential election ushered Donald Trump into the White House amid allegations of foreign interference. A raft of start-ups has been hawking what they see as a revolutionary solution: repurposing blockchains, best known as the digital transaction ledgers for cryptocurrencies like Bitcoin, to record votes. Backers say these internet-based systems would increase voter access to elections while improving tamper-resistance and public auditability. But experts in both cybersecurity and voting see blockchains as needlessly complicated, and no more secure than other online ballots. Existing voting systems do leave plenty of room for suspicion: Voter impersonation is theoretically possible (although investigations have repeatedly found negligible rates for this in the U.S.); mail-in votes can be altered or stolen; election officials might count inaccurately; and nearly every electronic voting machine has proved hackable. Not surprisingly, a Gallup poll published prior to the 2016 election found a third of Americans doubted votes would be tallied properly.

Amid suspicions of interference in the 2016 elections, states must be more careful than ever to provide heightened security in this year’s primaries. Yet, West Virginia has just introduced a more vulnerable form of voting for deployed military personnel. West Virginia is now the first state to pilot blockchain technology, to allow some deployed soldiers to vote through mobile phones. Yet cyber security experts warn that this technology, also used for cryptocurrencies, poses dangers for voting. Instead of pioneering voting’s future, West Virginia is paving the way for future election hacking. Blockchain technology addresses only part of the security process currently used by those administering U.S. elections. It’s like installing a high-tech lock and alarm system in your home, and then leaving a front door key and the alarm pass code under the doormat. The alarm system may work perfectly, but until the keys and pass codes are also secure, your home won’t be secure, either.

Blockchain is not only crappy technology but a bad vision for the future. Its failure to achieve adoption to date is because systems built on trust, norms, and institutions inherently function better than the type of no-need-for-trusted-parties systems blockchain envisions. That’s permanent: no matter how much blockchain improves it is still headed in the wrong direction. This December I wrote a widely-circulated article on the inapplicability of blockchain to any actual problem. People objected mostly not to the technology argument, but rather hoped that decentralization could produce integrity.

Recently, a number of technology blogs breathlessly brought news that Sierra Leone “became the first country in the world to use blockchain during an election” on March 7th. “The tech, created by Leonardo Gammar of Agora, anonymously stored votes in an immutable ledger, thereby offering instant access to the election results,” according to TechCrunch. Blockchain ledgers, the theory goes, are more difficult to tamper with than traditional methods for storing vote data. PCMag called the election a “milestone,” showing that “blockchain networks and immutable ledgers can serve as a foundation for new trusted systems, redefining how we interact with an evolving digital world.” To be fair, these items, based on Agora’s own press release, generally noted several paragraphs below their headlines about a “blockchain-based election” that Agora was not verifying the official nationwide count—it had simply been registered as an observer in one district.

Following the presidential elections conducted in Sierra Leone on March 7, it was widely reported in the media that Sierra Leone had become the first country in the world to run blockchain-powered elections. These reports were based on the claims of a Swiss blockchain company, Agora, where it said that the country had utilized blockchain tech to tally and audit the election results. However, it seems that the company’s claims were entirely false. The National Election Commission (NEC) of Sierra Leone released an official statement on Twitter on March 18 to set the record straight. The tweet quoted the NEC Chair Mohamed Conteh saying that “the NEC has not used, and is not using blockchain technology in any part of the electoral process.”

Last week Sierra Leone became the first country in the world to hold blockchain elections. They were supervised by Agora, a blockchain startup based in Switzerland. Once the voting of the region had taken place, over 400,000 ballots were then manually fed into Agora’s blockchain. The CEO of Agora was very pleased with how smoothly the process worked. He exuded excitement for the future of blockchain elections, saying: “I strongly believe that this election is the beginning of a much larger blockchain voting movement.”

I’ve been asked about a number of ideas lately involving voting systems and blockchains. This blog piece talks about all the security properties that a voting system needs to have, where blockchains help, and where they don’t. Let’s start off a decade ago, when Daniel Sandler and I first wrote a paper saying blockchains would be useful for voting systems. We observed that voting machines running on modern computers have overwhelming amounts of CPU and storage, so let’s use it in a serious way. Let’s place a copy of every vote on every machine and let’s use timeline entanglement (Maniatis and Baker 2002), so every machine’s history is protected by hashes stored on other machines. We even built a prototype voting system called VoteBox that used all of this, and many of the same ideas now appear in a design called STAR-Vote, which we hope could someday be used by real voters in real elections.

What is a blockchain good for? Fundamentally, it’s about having a tamper-evident history of events. In the context of a voting system, this means that a blockchain is a great place to store ballots to protect their integrity. STAR-Vote and many other “end-to-end” voting systems have a concept of a “public bulletin board” where encrypted votes go, and a blockchain is the obvious way to implement the public bulletin board. Every STAR-Vote voter leaves the polling place with a “receipt” which is really just the hash of their encrypted ballot, which in turn has the hash of the previous ballot. In other words, STAR-Vote voters all leave the polling place with a pointer into the blockchain which can be independently verified. … Achieving a “cast as intended” property requires a variety of mechanisms ranging from paper ballots to spot challenges of machines. The blockchain protects the integrity of the recorded vote, but has nothing to say about its fidelity to the intent of the voter.
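The receipt mechanism described above can be sketched as a hash chain plus an audit that compares the published board against receipts voters kept. This is an added example, not STAR-Vote's code: the all-zero genesis value, SHA-256, the class and function names, and the placeholder ciphertexts are assumptions of this sketch.

```python
import hashlib
from typing import List, Optional, Tuple

GENESIS = bytes(32)  # assumed fixed starting value for the chain

def entry_hash(prev_hash: bytes, encrypted_ballot: bytes) -> bytes:
    # prev_hash is always 32 bytes, so the concatenation is unambiguous
    return hashlib.sha256(prev_hash + encrypted_ballot).digest()

class BulletinBoard:
    def __init__(self) -> None:
        self.entries: List[Tuple[bytes, bytes]] = []  # (encrypted ballot, entry hash)

    def cast(self, encrypted_ballot: bytes) -> str:
        prev = self.entries[-1][1] if self.entries else GENESIS
        digest = entry_hash(prev, encrypted_ballot)
        self.entries.append((encrypted_ballot, digest))
        return digest.hex()  # the voter's receipt: a pointer into the chain

def first_broken_link(entries) -> Optional[int]:
    """Index of the first entry whose hash does not follow from its predecessor."""
    prev = GENESIS
    for i, (ballot, digest) in enumerate(entries):
        if entry_hash(prev, ballot) != digest:
            return i
        prev = digest
    return None

def audit(entries, receipts: List[str]) -> List[str]:
    """Check internal consistency, then check every voter-held receipt is published."""
    findings = []
    broken = first_broken_link(entries)
    if broken is not None:
        findings.append(f"chain broken at entry {broken}")
    published = {digest.hex() for _, digest in entries}
    for r in receipts:
        if r not in published:
            findings.append(f"receipt {r[:12]} missing from board")
    return findings

def demo():
    board = BulletinBoard()
    ballots = [b"ciphertext-A", b"ciphertext-B", b"ciphertext-C"]  # constructed samples
    receipts = [board.cast(b) for b in ballots]
    clean = audit(board.entries, receipts)
    # Case 1: one stored ballot is altered in place, hashes left untouched
    edited = list(board.entries)
    edited[1] = (b"ciphertext-X", edited[1][1])
    in_place = audit(edited, receipts)
    # Case 2: the board is rebuilt from scratch around the altered ballot
    rebuilt = BulletinBoard()
    for b in (b"ciphertext-A", b"ciphertext-X", b"ciphertext-C"):
        rebuilt.cast(b)
    rewritten = audit(rebuilt.entries, receipts)
    return clean, in_place, rewritten

if __name__ == "__main__":
    print(demo())
```

In the second case the rebuilt chain is internally consistent, and only the receipts held outside the board expose the change. Nothing here checks that a ciphertext matches what the voter intended.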